I have an 'admin' application that has this controller and runs on localhost X:

    [HttpPost]
    [ValidateAntiForgeryToken]
    public async Task<ActionResult> StuurActivatieEmail(EditPostModel model)
    {
        AppUser appUser = await AppUserManager.FindByNameAsync(model.usernaam);
        if (appUser == null)
            return View("Error", new string[] { selectedTable + " niet gevonden." });

        // Generate the e-mail confirmation token and the password reset token for this user
        string confirmCode = AppUserManager.GenerateEmailConfirmationToken(appUser.Id);
        string resetCode = AppUserManager.GeneratePasswordResetToken(appUser.Id);

        // URL-encode each value before it goes into the query string
        string userId = System.Web.HttpUtility.UrlEncode(appUser.Id);
        confirmCode = System.Web.HttpUtility.UrlEncode(confirmCode);
        resetCode = System.Web.HttpUtility.UrlEncode(resetCode);

        // The link points at the ConfirmEmail action of the 'user' application
        var callbackUrl = "http://www.example.nl/Newportal/Account/ConfirmEmail?";
        callbackUrl += "userId=" + userId + "&";
        callbackUrl += "confirmCode=" + confirmCode + "&";
        callbackUrl += "resetCode=" + resetCode;

        Task sendEmailTask = AppUserManager.SendEmailAsync(
            appUser.Id,
            "Activeer uw Oostendorp Nederland account",
            "Geachte heer/mevrouw,<br /><br />bla bla <a href=\"" + callbackUrl + "\">link</a> bla bla.");

        string succesMsg = "Er is succesvol een mail verzonden.";
        TempData["SuccesMessage"] = succesMsg;
        await sendEmailTask;
        return RedirectToAction("Index", "Table", new { selectedTable });
    }

The code above sends the e-mail.
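I have another, regular 'user' application running on localhost Y. When I copy the link and change the domain to my localhost, the ConfirmEmail action method validates the emailConfirmationToken (confirmCode) and then, if the code validates successfully, sends the user to a form where he can submit a password. The passwordResetToken (resetPassword) is passed in as a hidden value.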

    [AllowAnonymous]
    public async Task<ActionResult> ConfirmEmail(string userId, string confirmCode, string resetCode)
    {
        if (userId == null || confirmCode == null || resetCode == null)
        {
            return View("Error", new string[] { "Er is een onbekende fout opgetreden" });
        }
        var result = await AppUserManager.ConfirmEmailAsync(userId, confirmCode);
        if (result.Succeeded)
        {
            return RedirectToAction("ResetPassword", new { code = resetCode });
        }
        return View("Error", new string[] { "Er is een onbekende fout opgetreden." });
    }

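After this form is submitted, the ResetPassword action method is called. When the passwordResetToken is correct and the password requirements are met, the password (or at least its hash) is saved successfully and the user can log in.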

    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public async Task<ActionResult> ResetPassword(ResetPasswordVM model)
    {
        if (!ModelState.IsValid)
        {
            return View(model);
        }
        AppUser appUser = await AppUserManager.FindByNameAsync(model.UserName);
        if (appUser == null)
        {
            // Don't reveal that the user does not exist
            return RedirectToAction("ResetPasswordConfirmation", "Account");
        }
        var result = await AppUserManager.ResetPasswordAsync(appUser.Id, model.Code, model.NewPassword);
        if (result.Succeeded)
        {
            return RedirectToAction("ResetPasswordConfirmation", "Account");
        }
        AddErrorsFromResult(result);
        return View();
    }

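However, when I publish all of this to our server and test it there, I get an invalid token error message. Any help would be greatly appreciated, as I have run out of options.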